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AMENDMENTS TO THE CLAIMS 
1. (Currently Amended) A method comprising: 

in a global operating system environment controlled by a single operating system 
kernel instance, establishing a first non-global zone for isolating processes from processes in 
other non global zones and a second non- global zone , wherein the first non-global zone has 
a unique first zone identifier and the second non- global zone has a unique second zone 
identifier ; 

receiving from a first process executing in association with the first non-global zone 
a first request to create a first inter-process communications (IPC) object , wherein the first 
process provides a particular object identifier to be assigned to the first IPC object, and 
wherein the first process has the first zone identifier associated therewith ; 

in response to receiving the first request, creating a communications first IPC object, 
wherein the communications object has the unique zone identifier of the first process 
associated therewith first zone identifier associated with the first process is associated with 
the particular object identifier to give rise to a first augmented identifier for the first IPC 
object ; 

receiving from a second process executing in association with the first non- global 
zone a second request to initiate communications using the communications access an IPC 
object having the particular object identifier assigned thereto, wherein the second process 
provides the particular object identifier, and wherein the second process has the first zone 
identifier associated therewith ; 

in response to receiving the s e cond request, determining , based upon the particular 
object identifier provided by the second process and the first zone identifier if the second 
process is associated with the non global zone having the unique zone identifier of the 



SUN030219-US-NP 



2 



Docket No. 15437-0586 

communications object associated with the second process, that the second process is 
requesting access to the first IPC object ; aad 

denying the second request if the second process is not associated with the non 
global zone having the unique zone identifier of the communications object 

permitting the second process to access the first IPC object to communicate with the 
first process; 

receiving from a third process executing in association with the second non-global 
zone a request to create a second IPC object, wherein the third process provides the same 
particular object identifier to be assigned to the second IPC object, and wherein the third 
process has the second zone identifier associated therewith ; 

creating a second IPC object, wherein the second zone identifier associated with the 
third process is associated with the particular object identifier to give rise to a second 
augmented identifier for the second IPC object; 

receiving from a fourth process executing in association with the second non-global 
zone a request to access an IPC object having the particular object identifier assigned 
thereto, wherein the fourth process provides the particular object identifier, and wherein the 
fourth process has the second zone identifier associated therewith; 

determining, based upon the particular object identifier provided by the fourth 
process and the second zone identifier associated with the fourth process, that the fourth 
process is requesting access to the second IPC object; and 

permitting the fourth process to access the second IPC object to communicate with 
the third process; 



SUN030219-US-NP 



3 



Docket No. 15437-0586 

thereby enabling processes in the first non-global zone and the second non-global 
zone to use the same particular object identifier for inter-process communication without 
collision . 

2-3. Canceled 

4. (Currently Amended) The method of claim 3 I, wherein the communications 
particular object identifier comprises at least one of an address, a socket identifier, a port, a 
flex address, a semaphore identifier, a message queue identifier, a shared memory segment 
identifier, a pipe and a stream identifier. 

5. (Currently Amended) The method of claim 1, wherein establishing a the first 
non-global zone for isolating processes from processes in other non global zones further 
comprises: 

creating a the first non-global zone; 

associating a unique the first zone identifier with the first non-global zone; and 
creating a data structure for managing information about communications pertaining 
to IPC objects associated with the first non-global zone. 

6. (Currently Amended) The method of claim 1 , wherein receiving from a 
second process a request to initiate communications using the communications object 
comprises receiving a request from a requestor process in a first non global zone to 
communicate with a recipient process in a second non global zone, the method further A 
method comprising: 
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in a global operating system environment controlled by a single operating system 
kernel instance, establishing a first non- global zone and a second non- global zone; 

receiving a request from a requestor process in the first non-global zone to 
communicate with a recipient process in the second non- global zone; 

retrieving credentials for the requestor process , the credentials comprising a zone 
identifier indicating a non global zone to which the requestor process is bound ; 

verifying , based upon the credentials, that the requestor process is authorized to 
communicate with the recipient process across a non-global zone boundary based upon the 
credentials ; and 

establishing a communication path between the requestor process and the recipient 
process via the global operating system environment if the requestor process is authorized to 
communicate with the recipient process, wherein the communication path is established 
using a process that is resident in the global operating system environment . 

7. (Currently Amended) The method of claim 1, wherein the communications 
first IPC object comprises at least one of a loopback transport provider, a semaphore, a 
shared memory segment, a message queue and an event channel. 



8-12. Canceled 



13. (Currently Amended) A computer readable storage medium, comprising: 
instructions for causing one or more processors to establish , in a global operating 
system environment controlled by a single operating system kernel instance, a first non- 
global zone for isolating processes from processes in other non global zones in an operating 
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system environment controlled by a single operating system kernel instance and a second 
non-global zone , wherein the first non-global zone has a unique first zone identifier and the 
second non- global zone has a unique second zone identifier ; 

instructions for causing one or more processors to receive from a first process 
executing in association with the first non-global zone a fest request to create a first inter- 
process communications (IPC) object , wherein the first process provides a particular object 
identifier to be assigned to the first IPC object, and wherein the first process has the first 
zone identifier associated therewith ; 

instructions for causing one or more processors to create a first IPC communications 
object, in response to receiving the first request, wherein the communications object has the 

with the first process is associated with the particular object identifier to give rise to a first 
augmented identifier for the first IPC object ; 

instructions for causing one or more processors to receive from a second process 
executing in association with the first non-global zone a second request to initiate 
communications using the communications access an IPC object having the particular object 
identifier assigned thereto, wherein the second process provides the particular object 
identifier, and wherein the second process has the first zone identifier associated therewith ; 

instructions for causing one or more processors to determine, in response to 
receiving the second request, if the second process is associated with the non global zone 
having the unique zone identifier of the communications object based upon the particular 
object identifier provided by the second process and the first zone identifier associated with 
the second process, that the second process is requesting access to the first IPC object ; and 



SUN030219-US-NP 



6 



Docket No. 15437-0586 

instructions for causing one or more processors to deny the second request if the 
second process is not associated with the non global zone having the unique zone identifier 
of the communications object permit the second process to access the first IPC object to 
communicate with the first process; 

instructions for causing one or more processors to receive from a third process 
executing in association with the second non- global zone a request to create a second IPC 
object, wherein the third process provides the same particular object identifier to be assigned 
to the second IPC object, and wherein the third process has the second zone identifier 
associated therewith ; 

instructions for causing one or more processors to create a second IPC object, 
wherein the second zone identifier associated with the third process is associated with the 
particular object identifier to give rise to a second augmented identifier for the second IPC 
object; 

instructions for causing one or more processors to receive from a fourth process 
executing in association with the second non-global zone a request to access an IPC object 
having the particular object identifier assigned thereto, wherein the fourth process provides 
the particular object identifier, and wherein the fourth process has the second zone identifier 
associated therewith; 

instructions for causing one or more processors to determine, based upon the 
particular object identifier provided by the fourth process and the second zone identifier 
associated with the fourth process, that the fourth process is requesting access to the second 
IPC object; and 

instructions for causing one or more processors to permit the fourth process to access 
the second IPC object to communicate with the third process; 
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thereby enabling processes in the first non-global zone and the second non-global 
zone to use the same particular object identifier for inter-process communication without 
collision . 

14-15. Canceled 

16. (Currently Amended) The computer readable storage medium of claim 45- 
13, wherein a communications the particular object identifier comprises at least one of an 
address, a socket identifier, a port, a flex address, a semaphore identifier, a message queue 
identifier, a shared memory segment identifier, a pipe and a stream identifier. 

17. (Currently Amended) A The computer readable storage medium of claim 13, 
wherein the instructions for causing one or more processors to establish a the first non- 
global zone for isolating processes from processes in other non global zones further 
comprises: 

instructions for causing one or more processors to create a the first non-global zone; 

instructions for causing one or more processors to associate a unique the first zone 
identifier with the first non-global zone; and 

instructions for causing one or more processors to create a data structure for 
managing information about communications pertaining to IPC objects associated with the 
first non-global zone. 

1 8 . (Currently Amended) A computer readable storage medium of claim 13, 
wherein instructions for causing one or more processors to receive from a second process a 
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request to initiate communications using the communications object comprises instructions 
for causing one or more processors to receive a request from a requestor process in a first 
non global zone to communicate with a recipient process in a second non global zone, the 
computer readable medium further comprising: 

instructions for causing one or more processors to establish, in a global operating 
system environment controlled by a single operating system kernel instance, a first non- 
global zone and a second non- global zone; 

instructions for causing one or more processors to receive a request from a requestor 
process in the first non-global zone to communicate with a recipient process in the second 
non-global zone; 

instructions for causing one or more processors to retrieve credentials for the 
requestor process , the credentials comprising a zone identifier indicating a non global zone 
to which the requestor process is bound ; 

instructions for causing one or more processors to verify , based upon the credentials, 
that the requestor process is authorized to communicate with the recipient process across a 
non-global zone boundary based upon the credentials ; and 

instructions for causing one or more processors to establish a communication path 
between the requestor process and the recipient process via the global operating system 
environment if the requestor process is authorized to communicate with the recipient 
process, wherein the communications path is established using a process that is resident in 
the global operating system environment . 
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19. (Currently Amended) A The computer readable storage medium of claim 13, 
wherein the communications first IPC object comprises at least one of a loopback transport 
provider, a semaphore, a shared memory segment, a message queue and an event channel. 

20-24. Canceled 

25. (Currently Amended) An apparatus, comprising: 

means for establishing a non global zone for isolating processes from processes in 
other non global zones in a global operating system environment controlled by a single 
operating system kernel instance, wherein the non global zone has a unique zone identifier; 

means for receiving from a first proc e ss executing in association with the non global 
zone a first request to create a communications object; 

means for creating a communications object, in response to receiving the first 
request, wherein the communications object has the unique zone identifier of the first 
process associated therewith; 

means for receiving from a second process a second request to initiate 
communications using the communications object; 

means for determining, in response to receiving the second request, if the second 
process is associated with the non global zone having the unique zone identifier of the 
communications object; and 

means for denying the second request if the second process is not associated with the 
non global zone having the unique zon e identifier of the communications object 

means for establishing, in a global operating system environment controlled by a 
single operating system kernel instance, a first non-global zone and a second non-global 
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zone, wherein the first non- global zone has a unique first zone identifier and the second non- 
global zone has a unique second zone identifier; 

means for receiving from a first process executing in association with the first non- 
global zone a request to create a first inter-process communications (IPC) object, wherein 
the first process provides a particular object identifier to be assigned to the first IPC object, 
and wherein the first process has the first zone identifier associated therewith; 

means for creating a first IPC object, wherein the first zone identifier associated with 
the first process is associated with the particular object identifier to give rise to a first 
augmented identifier for the first IPC object; 

means for receiving from a second process executing in association with the first 
non-global zone a request to access an IPC object having the particular object identifier 
assigned thereto, wherein the second process provides the particular object identifier, and 
wherein the second process has the first zone identifier associated therewith; 

means for determining, based upon the particular object identifier provided by the 
second process and the first zone identifier associated with the second process, that the 
second process is requesting access to the first IPC object; 

means for permitting the second process to access the first IPC object to 
communicate with the first process; 

means for receiving from a third process executing in association with the second 
non-global zone a request to create a second IPC object, wherein the third process provides 
the same particular object identifier to be assigned to the second IPC object, and wherein the 
third process has the second zone identifier associated therewith ; 
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means for creating a second IPC object, wherein the second zone identifier 
associated with the third process is associated with the particular object identifier to give 
rise to a second augmented identifier for the second IPC object; 

means for receiving from a fourth process executing in association with the second 
non-global zone a request to access an IPC object having the particular object identifier 
assigned thereto, wherein the fourth process provides the particular object identifier, and 
wherein the fourth process has the second zone identifier associated therewith; 

means for determining, based upon the particular object identifier provided by the 
fourth process and the second zone identifier associated with the fourth process, that the 
fourth process is requesting access to the second IPC object; and 

means for permitting the fourth process to access the second IPC object to 
communicate with the third process; 

thereby enabling processes in the first non-global zone and the second non-global 
zone to use the same particular object identifier for inter-process communication without 
collision . 

26-27. Canceled 

28. (New) An apparatus comprising: 

means for establishing, in a global operating system environment controlled by a 
single operating system kernel instance, a first non-global zone and a second non-global 
zone; 

means for receiving a request from a requestor process in the first non-global zone to 
communicate with a recipient process in the second non-global zone; 
means for retrieving credentials for the requestor process; 
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means for verifying, based upon the credentials, that the requestor process is 
authorized to communicate with the recipient process across a non-global zone boundary; 
and 

means for establishing a communication path between the requestor process and the 
recipient process if the requestor process is authorized to communicate with the recipient 
process, wherein the communication path is established using a process that is resident in 
the global operating system environment. 
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